<%#
kind: finish
name: Junos default finish
model: ProvisioningTemplate
oses:
- Junos
description: |
  Generates a Junos OS configuration file. That can be used by Autoinstallation on Juniper
  network devices. For more information, see https://projects.theforeman.org/issues/3906
-%>
system {
    host-name <%= @host %>;
    time-zone <%= host_param('time-zone') || 'Etc/UTC' %>;
    root-authentication {
        encrypted-password "<%= root_pass %>"; ## SECRET-DATA
    }
    name-server {
        <% if @host.subnet.dns_servers.empty? -%>
        8.8.8.8;
        <% end -%>
        <% @host.subnet.dns_servers.each do |nameserver| -%>
        <%= nameserver %>;
        <% end -%>
    }
    ntp {
        boot-server <%= host_param('ntp-server') || '0.pool.ntp.org' %>;
        server <%= host_param('ntp-server') || '0.pool.ntp.org' %>;
    }
    login {
        message "This device was provisioned by using The Foreman!\nSee http://theforeman.org/ for further information.\n";
        class automation {
            permissions all;
        }
        user puppet {
            uid 2001;
            class automation;
            authentication {
                encrypted-password "<%= root_pass %>"; ## SECRET-DATA
            }
            shell csh;
        }
    }
    services {
        ssh {
            protocol-version v2;
        }
        netconf {
            ssh;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    ntp {
        boot-server 0.pool.ntp.org;
        server 0.pool.ntp.org;
        server 1.pool.ntp.org;
    }
    extensions {
        providers {
            juniper {
                license-type juniper deployment-scope commercial;
            }
        }
    }
}
chassis {
    alarm {
        management-ethernet {
            link-down ignore;
        }
    }
}
interfaces {
    interface-range ACCESS-PORT {
        member ge-0/0/0;
        unit 0 {
            family ethernet-switching {
                port-mode access;
            }
        }
    }
    interface-range UPLINK-PORT {
        member ge-0/0/47;
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members all;
                }
            }
        }
    }
    vlan {
        unit 37 {
            family inet;
        }
    }
    vme {
        unit 0 {
            family inet {
                dhcp;
            }
        }
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
    bpdu-block {
        interface ACCESS-PORT;
        disable-timeout 120;
    }
}
vlans {
    testlan {
        vlan-id 37;
        l3-interface vlan.37;
    }
}
groups {
    fmztp {
        apply-macro conf {
            package jinstall-ex-4200-<%= @host.operatingsystem.major %>R<%= @host.operatingsystem.minor %>-domestic-signed.tgz;
            puppet jpuppet-ex-1.0R1.1.tgz;
        }
    }
}
